Vmoksha is now ISO27001:2013 Certificate Holder

Recently, Vmoksha Technologies, a pioneer in IT services, undertook the ISO27001:2013 upgradation audit on 17th & 18th August 2015. The auditing starts with an opening meeting, attended by multiple stakeholders. Accompanying these attendees, we also had heads of all departments & few projects, representing themselves as auditees in their respective areas.

Initially, the auditor shared information on BSI, the plans and how he conducts the audit. Later, the auditor had a discussion with Vmoksha’s management, who shared the vision, business, and strategic plans of Vmoksha. He has also mentioned the importance of ISO27001:2013 up-gradation.

On 17th Aug, the auditor reviewed all the findings that were captured during the previous year’s audit and confirmed that everything is addressed thoroughly. He checked the contents of ISMS Manual and verified whether we have covered all the areas that have been mentioned in the ISO27001:2013 guidelines. He suggested the areas, which we need to focus more and advised how to address these gaps. The auditor thoroughly explained the importance of representing a process using matrix and flow charts rather than plain text with points.

On 18th Aug, the auditor continued with the ISMS manual, risk assessment, risk register, internal audit procedures and findings, management review meeting details and closure of previous audit reports. He also discussed the Security Incident Management reports and Information Security BCP reports. He recommended us on how to improve our process, documentation, and secure department/project data. He emphasized more towards the information security and implement processes, mentioned in the ISO27001:2013 guidelines. Later, he audited one development project and admin facility. The auditor shared some best practices that can follow in the industry for project management and SDLC process.

The audit was successfully concluded with a feedback session, including all the stakeholders in the closing meeting. The auditor appreciated Vmoksha’s positive work culture and compliance driven process. He was pleased by the continuous improvement made by all the departments in adherence to the ISO standards and the eagerness to migrate towards the ISO27001:2013 upgradation. He also suggested appropriate stakeholders to undergo the Lead Implementer training.

Lastly, the auditor mentioned that Vmoksha receives the ISO27001:2013 upgradation certification within six weeks. He has appreciated the arrangements and hospitality provided by Vmoksha.

The overall experience with the auditors and stakeholders is very pleasant and informative. Vmoksha has committed to adhere to the best practices in the industry and continuously add value to the projects and its customers.